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What is claimed is: 



1 1 . A method for backing up a biometrics-based authentication device comprising the 

2 steps of: 

3 obtaining a first encryption key; 

4 enciphering lower tier data with said first encryption key to generate an encrypted 

5 lower tier backup file; 

6 obtaining a second encryption key; and 

7 enciphering upper tier data with said second encryption key to generate an encrypted 

8 upper tier backup file, wherein said lower tier data contain encrypted identification of a user 

9 and authentication information associated therewith and wherein said upper tier data contain 

10 biometrics data of said user and said lower tier data encrypted with said first encryption key. 

1 2. The method according to claim 1, wherein 

2 said authentication information comprises private keys and corresponding certificates. 

1 3. The method according to claim 1, further comprising the step of: 

2 generating a restore validation script for establishing restore requirements of said 

3 upper tier data. 

1 4. The method according to claim 3, wherein 

2 said upper tier data further contain said restore validation script. 

1 5. The method according to claim 1, further comprising the step of: 

2 establishing a secure connection with a service bureau. 

1 6. The method according to claim 5, further comprising the step of: 

2 obtaining said first and said second encryption keys from said service bureau. 
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1 7. The method according to claim 1, further comprising the step of: 

2 storing said encrypted lower tier backup file and said encrypted upper tier backup file 

3 as one or more physical files. 

1 8. A method for restoring onto a new biometrics-based authentication device said lower 

2 tier data and said upper tier data according to claim 1, comprising the steps of: 

3 enrolling new biometrics data of said user onto said new biometrics-based 

4 authentication device; 

5 obtaining an upper tier data decryption key; 

6 deciphering said encrypted upper tier backup file with said upper tier data decryption 

7 key to generate decrypted upper tier data including decrypted biometrics data; 

8 determining, based on said decrypted biometrics data, whether said new biometrics 

9 data are valid; 

10 obtaining a lower tier data decryption key when said new biometrics data are valid; 

11 deciphering said encrypted lower tier data with said lower tier data decryption key to 

12 generate decrypted lower tier data; and 

13 storing said decrypted lower tier data onto said new biometrics-based authentication 

14 device. 

1 9. The method according to claim 8, further comprising the steps of: 

2 uploading said encrypted lower tier backup file and said encrypted upper tier backup 

3 file onto said new biometrics-based authentication device; 

4 obtaining an access clearance from a service bureau; and 

5 establishing a secure connection with said service bureau using said access clearance. 

1 10. The method according to claim 9, further comprising the step of: 

2 obtaining said upper tier data decryption key and said lower tier data decryption key 

3 from said service bureau. 

1 11. The method according to claim 8, further comprising the step of: 

2 verifying that said decrypted upper tier data have not been tampered or altered. 
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1 12. An apparatus for implementing the method according to claim 1 or 8, wherein 

2 said apparatus is configured to perform the steps of claim 1 or 8. 

1 13. An article of manufacture for implementing the method according to claim 1 or 8, 

2 wherein said article of manufacture comprising a computer readable medium carrying 

3 computer-executable instructions implementing the steps of claim 1 or 8. 



